Comparison

util/sasl/oauthbearer.lua @ 12940:2aebd9bf02fc

util.sasl.oauthbearer: Adjust parsing of GS2 to allow lack of authzid Partly copied from util.sasl.scram and then reduced a bit.
author Kim Alvefur <zash@zash.se>
date Thu, 16 Mar 2023 13:45:49 +0100
parent 12938:055b03d3059b
child 12951:4cc0785f960e
comparison
equal deleted inserted replaced
12939:bb6a98a7b0b4 12940:2aebd9bf02fc
9 9
10 if message == "\001" then 10 if message == "\001" then
11 return "failure", "not-authorized"; 11 return "failure", "not-authorized";
12 end 12 end
13 13
14 local gs2_authzid, kvpairs = message:match("n,a=([^,]+),(.+)$"); 14 local gs2_header, kvpairs = message:match("^(n,[^,]*,),(.+)$");
15 if not gs2_authzid then 15 if not gs2_header then
16 return "failure", "malformed-request"; 16 return "failure", "malformed-request";
17 end 17 end
18 local gs2_authzid = gs2_header:match("^[^,]*,a=([^,]*),$");
18 19
19 local auth_header; 20 local auth_header;
20 for k, v in kvpairs:gmatch("([a-zA-Z]+)=([\033-\126 \009\r\n]*)\001") do 21 for k, v in kvpairs:gmatch("([a-zA-Z]+)=([\033-\126 \009\r\n]*)\001") do
21 if k == "auth" then 22 if k == "auth" then
22 auth_header = v; 23 auth_header = v;